﻿<?php
define('ROOT', '../');
include_once (ROOT . 'includes/common.php');

if (!iflogin(DBQZ,$userrow['cookie'])) {
}else{
	header("Location: main.php"); 
}
if(defense($_POST['from'])=='login'){
	$user	= defense($_POST['user']);
	$pwd	= defense($_POST['pwd']);
	$code 	= defense(trim($_POST['code']));
	$ip		= real_ip();
	$date	= date("Y-m-d H:i:s");
	if(!$user or !$pwd){
		$arr = array(
			'code' => 0,
			'msg' => '账号密码不能为空'
		);
		echo json_encode($arr); die;
	}elseif($conf['logincode']==1){
		if(strtolower($code)!= $_SESSION["helloweba_code"]){
			$arr = array(
				'code' => 2,
				'msg' => '验证码错误',
			);
			echo json_encode($arr); die;
		}
	}
	$pwd	= md5($pwd);
	if($row=$DB->get_row("SELECT uid,user,active FROM ".DBQZ."_user WHERE user='$user' and pwd='$pwd' limit 1")){
		$cookie	= md5(uniqid().rand(1,1000));
		$time	= date("Y-m-d H:i:s");
		$DB->query("update ". DBQZ ."_user set cookie='$cookie',ip='$ip',lasttime='$date',lastip='$ip' where uid='{$row[uid]}'");
		setcookie(DBQZ ."_cookie",$cookie,time()+3600*24*14,'/');
		unset($_SESSION['helloweba_code']);
		addlog($user.' 在用户界面登录成功');
		$arr = array(
			'code' => 1,
			'msg' => $row['user'].'，欢迎回来!'
		);
	}else{
		$arr = array(
			'code' => 0,
			'msg' => '用户名或密码错误'
		);
	}
	echo json_encode($arr); die;
}
?>
<!DOCTYPE html>
<html lang="en">
	<head>
		<meta charset="utf-8" />
		<title>登录 - <?=$conf['name']?></title>
		<link rel="icon" href="/favicon.ico" type="image/x-icon" />
		<meta name="description" content="" />
		<meta name="keywords" content="">
		<link rel="stylesheet" type="text/css" href="../layui/css/layui.css" />
		
		<style>
			body{
				margin: 0 auto;
				color: #2c3e50;
				/*
				text-align: center;
				*/
			}
			.container {
			  max-width: 480px;
			  padding: 50px;
			  margin: 0 auto;
			  text-align: center;
			}
		</style>
	</head>
<body style="background-image: url(../layui/images/background.png);">

	<div class="container">
		<div class="layui-col-md12">
			<div class="layui-card">
				<div class="layui-card-header">登录面板</div>
				<div class="layui-card-body">
					<form class="layui-form layui-form-pane" action="">
						<div class="layui-form-item">
							<label class="layui-form-label">账户</label>
							<div class="layui-input-block">
								<input type="text" id="user" autocomplete="off" placeholder="请输入账户名" class="layui-input">
							</div>
						</div>
						
						<div class="layui-form-item">
							<label class="layui-form-label">密码</label>
							<div class="layui-input-block">
								<input type="password" id="pwd" autocomplete="off" placeholder="请输入密码" class="layui-input">
							</div>
						</div>
						
<?php if($conf['logincode']==1){ ?>
						<div class="layui-form-item">
							<label class="layui-form-label">验证码</label>
							<div class="layui-input-block">
								<input type="text" id="code" autocomplete="off" placeholder="请输入验证码" class="layui-input" style="padding-right: 102px;">
								<img id="img_code" style="position: absolute;top: 0;right: 1px; cursor: pointer;" src="../includes/code/get.code.php" onclick="$(this).attr('src','../includes/code/get.code.php?' + Math.random());">
							</div>
						</div>
<?php } ?>
						<button type="button" class="layui-btn layui-btn-fluid" onclick="login()">登 录</button>
						<hr class="layui-bg-gray">
						<div class="" style="margin-left: 315px;">
							<a href="reg.php" class="layui-btn layui-btn-primary layui-btn-xs">注册账号</a>
							<a href="findpwd.php" class="layui-btn layui-btn-primary layui-btn-xs">找回密码</a>
						</div>
					</form>
				</div>
			</div>
		</div>
	</div>
	
	<script src="../layui/layui.js"></script>
	<script src="../layui/layui.all.js"></script>
	<script src="https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js"></script>
	<!--您的Layui代码start-->
	<script>
		$(document).keyup(function(event){
			if(event.keyCode ==13){
				login();
			}
		});
		function login(){
			var user = $('#user').val();
			var pwd = $('#pwd').val();
			var code = $('#code').val();
			if(user==''){
				layer.msg('输入账户名',{icon: 5});
			}else if(pwd==''){
				layer.msg('输入密码',{icon: 5});
			}else if(code==''){
				layer.msg('请输入验证码',{icon: 5});
			}else{
				var index = layer.load(1, {shade: [0.6,'#000']}); //0.1透明度的白色背景
				$.ajax({
					type: "post",   
					url:  "login.php", 
					data: "from=login&user=" + user + "&pwd=" + pwd + "&code=" + code,
					dataType: "json",
					success: function (res) {
						layer.close(index);
						if(res.code==1){
							// 登录成功
							layer.msg(res.msg,{icon: 6});
							location.href = 'main.php'
							
						}else if(res.code==0){
							// 登录失败
							layer.msg(res.msg,{icon: 5});
						}else if(res.code == 2){
							layer.msg(res.msg,{icon: 5});
							$('#img_code').attr('src','../includes/code/get.code.php?' + Math.random());
						}
					},
					error: function (res) {
						layer.msg('请求失败',{icon: 5});
						layer.close(index);
					}   
				});
			}
		}
	</script>
</body>
</html>